3

I need to fix (with or without regex) so you can access "/admin.php?+" but not "/SUBSITE/admin.php?+" on a site. Anyone has a good idea of how to fix that?

J Rog
  • 45
  • 7

1 Answers1

2

Here is a regex which might fit your need (your original question was a bit vague):

^(?!www\.mysite\.com\/.*\/admin\.php).*$

I have tested this regex and it blocks "www.mysite.com/*/admin.php", but it allows the following:

www.mysite.com/*/guestbook.php
www.mysite.com/*.php

If you want additional restrictions in the regex, then let me know and I can refine this answer.

Regex101

Tim Biegeleisen
  • 502,043
  • 27
  • 286
  • 360
  • I understand what you mean now when i read it. But basically what i meant is that you should be able to go to "www.mysite.com/admin.php?test=1" but not "www.mysite.com/SUBSITE/admin.php?test=1". With or without the querystring in the URL. And also SUBSITE can be anything, so its not just that path i want to restrict access to. – J Rog Oct 27 '15 at 08:03
  • Please clarify your original question as it is not clear. – Tim Biegeleisen Oct 27 '15 at 08:04
  • I really appreciate your answer @tim-biegeleisen, but SUBSITE can be anything. So it can be "www.mysite.com/apache/" or "www.mysite.com/test/". – J Rog Oct 27 '15 at 09:41
  • If you will allow `SUBSITE` to be _anything_, then there would be no way to distinguish it from the case you want to match. Again, you need to rethink your question. – Tim Biegeleisen Oct 27 '15 at 09:43
  • What i want to do is to restrict access to "www.mysite.com/*/admin.php". I think that will be easier to understand :) – J Rog Oct 27 '15 at 09:51
  • Can you give a few more examples of permissible and forbidden URLs? – Tim Biegeleisen Oct 27 '15 at 09:53
  • You should be able to go to any other part of the site, so i guess i just need the restriction regex for "www.mysite.com/*/admin.php". – J Rog Oct 27 '15 at 09:55
  • Can you please give a couple more allowed URLs? – Tim Biegeleisen Oct 27 '15 at 09:57
  • Any other URL should be allowed, its just "www.mysite.com/*/admin.php" that should be restricted. So if i go to "www.mysite.com/*/guestbook.php" it should be possible. Should also be possible to access anything on the mainsite, like "www.mysite.com/*.php" – J Rog Oct 27 '15 at 09:59
  • Looks great! what about if i want the "www.mysite.com" to be "*"? and just make it to be "*.se" instead? – J Rog Oct 27 '15 at 10:17
  • Not sure what you are asking. Again, could you give me an example? – Tim Biegeleisen Oct 27 '15 at 10:28
  • If i dont want it to be just for a specific site like "www.mysite.com". I want it to to be for any site so i can use the same regex on multiple sites. But i still want it to be restricted to the ".se" domain. So it should be like "*.se" instead, so i can use it on "www.test.se" and "www.site.se" but not on "www.test.com" and "www.site.com". – J Rog Oct 27 '15 at 10:37
  • Then you can tweak the regex I gave you. I will stop at this point. – Tim Biegeleisen Oct 27 '15 at 10:38
  • It works like a charm! Thanks for all your work on this Tim Biegeleisen! – J Rog Oct 27 '15 at 10:45
  • This is strange, when i tried to put "^(?!.se\/.*\/wp-admin\.php).*$" into the LocationMatch every single page was restricted on the website. – J Rog Oct 27 '15 at 12:07
  • Are you restricting on matching this regex or not matching? – Tim Biegeleisen Oct 27 '15 at 12:32